I have an issue with my IDM environment where passwords changed in MAD
are only synchronized to the ID vault when they are changed from the DC
that's hosting the remote loader.

System:
IDM engine version 4.6.3 running on RHEL 7
MAD Domain consists of eight Windows Server 2016 systems
DC-VP08 houses the RL
Remote loader version 4.6.3
ADDriver.DLL version 4.0.2.1
PWFILTER.DLL & PSEVENT.DLL version 2.8.0.0

I went through the troubleshooting process and couldn't find anything
obvious. The output file is here: https://pastebin.com/vBFtGtmk
(One question: when the trace says "pwFilter can connect to PassSync RPC
server on driver machine - 0 ", that means it CAN connect, right? Or
does the zero indicate that it failed?)

You may notice that there aren't many password changes logged. This is
because we don't permit users to change their own passwords from AD --
they must use a password portal that's attached directly to the vault.
For that reason, this is not a huge issue for me. On the other hand,
some types of accounts required by AD (e.g., service accounts) are
managed from the AD side. This causes headaches when admins forget to
connect to DC-VP08 before setting the password on an account.

Suggestions welcome.

Thanks